通过自定义策略级别为程序集提供对共享点的完全信任不起作用

发布于 2024-07-20 13:47:07 字数 3640 浏览 2 评论 0原文

我正在构建几个 ucercontrol。这些用户控件将托管在智能部分的返回中。我面临的问题是，与他们一起的我的集会没有适当地提供足够的权利。

为了实现这一目标，您（基本上）有三个选择；
1.将站点设置为完全信任级别（显然不希望这样做，对我来说也不起作用。程序集不受信任）
2.将组件放入gac中（也尝试过，也不起作用）。
3. 安全方面，我希望授予我的程序集一套特殊的权利。

这可以通过自定义信任文件来完成。这是我到目前为止想到的，但它不起作用。有人能指出我在这方面的正确方向吗？

在安全类元素中添加了这两个子句；

<SecurityClass Name="AssemblyOne" Description="MyAssemblies.AssemblyOne, Version=1.0.0.0, Culture=neutral, PublicKeyToken=132bddbb4f2e45f2"/>
<SecurityClass Name="AssemblyTwo" Description="MyAssemblies.AssemblyTwo, Version=1.2.0.0, Culture=neutral, PublicKeyToken=e5141be41498e913" />

在命名权限集中添加了此子句

        <PermissionSet
                class="NamedPermissionSet"
                version="1"
                Name="SPFULL"
                Unrestricted="true">
          <IPermission
                  class="AspNetHostingPermission"
                  version="1"
                  Level="Minimal"
                        />
          <IPermission
                  class="SecurityPermission"
                  version="1"
                  Flags="Execution"
                        />
          <IPermission class="WebPartPermission"
                  version="1"
                  Connections="True"
                        />
          <Assemblies>
            <Assembly Name="MyAssemblies.AssemblyOne" Version="1.0.0.0" PublicKeyBlob="002400000480000094000000060200000024000052534131000400000100010015fd63eb99fee087978556fcf698fae059d75307d1ee8e44486a349ea87843344440af9051d4434bac1d219b3a219d5f0ff50e8c0ed9eb7c07eab19d9ff0494ecaafc5ce1cb65d59ddd153b0f09790d6641af0325aaceb81c2e55c4610a1c18ae9f5a476de2282918a293726bce20aa932e06666b4e8b6885775b919a93a91a9" />
            <Assembly Name="MyAssemblies.AssemblyTwo" Version="1.2.0.0" PublicKeyBlob="00240000048000009400000006020000002400005253413100040000010001007da2bfd8e8ec53bd9caa8a5e3af2408cabd60b04c1df80bf8cbad447addaa8a7854818c77ea4f1ada3b73f33836b716999a5aac2475b22c676cedb3fe42cb2ebfba9dc20c04b1baab5a75ead6169b45d1dbef0bcbe82d5f862f954739ed100eaf41425eddd559aee883c055da038d0d8c2e998db799d6e1995ddea95a48eb0b4" />
          </Assemblies>
        </PermissionSet>

，然后我将此子句添加到现有的“默认”代码组之上；

<CodeGroup
        class="UnionCodeGroup"
        version="1"
        PermissionSetName="SPFULL"
        Name="My first Web Part"
        Description="This code group grants the my first web part full permissions.">
        <IMembershipCondition
          class="StrongNameMembershipCondition"
          version="1"              PublicKeyBlob="002400000480000094000000060200000024000052534131000400000100010015fd63eb99fee087978556fcf698fae059d75307d1ee8e44486a349ea87843344440af9051d4434bac1d219b3a219d5f0ff50e8c0ed9eb7c07eab19d9ff0494ecaafc5ce1cb65d59ddd153b0f09790d6641af0325aaceb81c2e55c4610a1c18ae9f5a476de2282918a293726bce20aa932e06666b4e8b6885775b919a93a91a9" />
        <IMembershcipCondition
          Class="StrongNameMembershipCondition"
          version="1"
          PublicKeyBlob="00240000048000009400000006020000002400005253413100040000010001007da2bfd8e8ec53bd9caa8a5e3af2408cabd60b04c1df80bf8cbad447addaa8a7854818c77ea4f1ada3b73f33836b716999a5aac2475b22c676cedb3fe42cb2ebfba9dc20c04b1baab5a75ead6169b45d1dbef0bcbe82d5f862f954739ed100eaf41425eddd559aee883c055da038d0d8c2e998db799d6e1995ddea95a48eb0b4"/>
      </CodeGroup>

谁能向我指出如何做到这一点？

原文

I'm building a couple of ucercontrols. These usercontrols will be hosted within the return of the smartpart. The problem i'm facing is that my assembly that goes with them, is not properly provided with sufficient rights.

To achive this you've (basically) got three options;
1. set the site to full trust level (do not want this obviously, aint working for me either. The assembly is not trusted)
2. place the assembly in the gac (tried that too, also not working).
3. security wise what I would like is to grant my assembly with a special set of rights.

This can be done by means of a custom trust file. This is what I came up with so far, but it is not working. Can someone point me in the right direction on this one?

added these two clauses at the security classes element;

<SecurityClass Name="AssemblyOne" Description="MyAssemblies.AssemblyOne, Version=1.0.0.0, Culture=neutral, PublicKeyToken=132bddbb4f2e45f2"/>
<SecurityClass Name="AssemblyTwo" Description="MyAssemblies.AssemblyTwo, Version=1.2.0.0, Culture=neutral, PublicKeyToken=e5141be41498e913" />

added this clause in the named permission sets

        <PermissionSet
                class="NamedPermissionSet"
                version="1"
                Name="SPFULL"
                Unrestricted="true">
          <IPermission
                  class="AspNetHostingPermission"
                  version="1"
                  Level="Minimal"
                        />
          <IPermission
                  class="SecurityPermission"
                  version="1"
                  Flags="Execution"
                        />
          <IPermission class="WebPartPermission"
                  version="1"
                  Connections="True"
                        />
          <Assemblies>
            <Assembly Name="MyAssemblies.AssemblyOne" Version="1.0.0.0" PublicKeyBlob="002400000480000094000000060200000024000052534131000400000100010015fd63eb99fee087978556fcf698fae059d75307d1ee8e44486a349ea87843344440af9051d4434bac1d219b3a219d5f0ff50e8c0ed9eb7c07eab19d9ff0494ecaafc5ce1cb65d59ddd153b0f09790d6641af0325aaceb81c2e55c4610a1c18ae9f5a476de2282918a293726bce20aa932e06666b4e8b6885775b919a93a91a9" />
            <Assembly Name="MyAssemblies.AssemblyTwo" Version="1.2.0.0" PublicKeyBlob="00240000048000009400000006020000002400005253413100040000010001007da2bfd8e8ec53bd9caa8a5e3af2408cabd60b04c1df80bf8cbad447addaa8a7854818c77ea4f1ada3b73f33836b716999a5aac2475b22c676cedb3fe42cb2ebfba9dc20c04b1baab5a75ead6169b45d1dbef0bcbe82d5f862f954739ed100eaf41425eddd559aee883c055da038d0d8c2e998db799d6e1995ddea95a48eb0b4" />
          </Assemblies>
        </PermissionSet>

then I added this clause above the the existing 'default' code group;

<CodeGroup
        class="UnionCodeGroup"
        version="1"
        PermissionSetName="SPFULL"
        Name="My first Web Part"
        Description="This code group grants the my first web part full permissions.">
        <IMembershipCondition
          class="StrongNameMembershipCondition"
          version="1"              PublicKeyBlob="002400000480000094000000060200000024000052534131000400000100010015fd63eb99fee087978556fcf698fae059d75307d1ee8e44486a349ea87843344440af9051d4434bac1d219b3a219d5f0ff50e8c0ed9eb7c07eab19d9ff0494ecaafc5ce1cb65d59ddd153b0f09790d6641af0325aaceb81c2e55c4610a1c18ae9f5a476de2282918a293726bce20aa932e06666b4e8b6885775b919a93a91a9" />
        <IMembershcipCondition
          Class="StrongNameMembershipCondition"
          version="1"
          PublicKeyBlob="00240000048000009400000006020000002400005253413100040000010001007da2bfd8e8ec53bd9caa8a5e3af2408cabd60b04c1df80bf8cbad447addaa8a7854818c77ea4f1ada3b73f33836b716999a5aac2475b22c676cedb3fe42cb2ebfba9dc20c04b1baab5a75ead6169b45d1dbef0bcbe82d5f862f954739ed100eaf41425eddd559aee883c055da038d0d8c2e998db799d6e1995ddea95a48eb0b4"/>
      </CodeGroup>

Can anyone point out to me how to get this right?

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

聆听风音 2024-07-27 13:47:07

我不明白为什么将两个 dll 放入 GAC 或将 web.config 设置更改为 FullTrust 不起作用。你不能给它更多的权限。您确定您遇到的问题与安全相关吗？如果您只将其中一个 dll 放入 GAC 中，您是否具有 [程序集：AllowPartiallyTrustedCallers()] 属性？

只是一个旁注：
您应该将权限集放在 WSP:s manifest.xml 中，这将确保在部署该功能时，SharePoint 在所有 frontweb 上为 dll 设置正确的权限。这将使管理变得更加容易。

http://msdn.microsoft.com/en-us/library/aa543901。 ASPX

回复收藏 0 原文

~没有更多了~